SpringBoot学习之密码加密

通过BCryptPasswordEncoder对密码进行加密

for (int i = 0; i < 10; i++) {
            BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
            System.out.println(encoder.encode("123"));
        }

配置MultiHttpSecurityConfig类

package org.hx.springboot_springsecurity_demo44.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * @Description: TODO
 * @author: hx
 * @date: 2021年04月14日 15:59
 */
@Configuration
public class MultiHttpSecurityConfig {
    @Bean
    PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }
    @Autowired
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser("hx").password("$2a$10$NdADd9.KLXEVJrNlDjWzD.flLiUnXXxPegJZUv09S8bKq.qh1BCSS").roles("admin")
                .and()
                .withUser("hx1").password("$2a$10$0Kz.MUDZzDwbMJCpiN/cbOkMMtCucoBF/w1lrIEY62ZWz6pxZwJiO").roles("user");
    }
    @Configuration
    @Order(1)
    public static class  AdminSecurityConfig extends WebSecurityConfigurerAdapter{
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.antMatcher("/admin/**").authorizeRequests().anyRequest().hasAnyRole("admin");
        }
    }
    @Configuration
    public static class OtherSecurityConfig extends WebSecurityConfigurerAdapter{
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests().anyRequest().authenticated()
                    .and()
                    .formLogin()
                    .loginProcessingUrl("/dologin")
                    .permitAll()
                    .and()
                    .csrf()
                    .disable();
        }
    }
}
版权声明:本文为hxxx1314原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。